Q. Is this really as harmful as you think?

A. Go to your parents house, your grandparents house etc and look at their Windows PC, look at the installed software in the past year, and try to use the device. Run some antivirus scans. There’s no way this implementation doesn’t end in tears — there’s a reason there’s a trillion dollar security industry, and that most problems revolve around malware and endpoints.

  • Noble Shift@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    It’s subpoenable information. Absolutely no one is addressing that aspect.

    I’ve done quite a bit of work in IT within the sphere of investigative law enforcement and this sets off major alarm bells to me.

    • Gnome Kat@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      Can you elaborate on what “subpoenable information” means. Like I have a vague idea but im not super clear if thats like a legal term with special considerations or whatever. Elaboration would be helpful.

      • dumblederp@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        If you’re suspected of something and law enforcement can get a subpoena, you’ll have to hand over the contents of your microsoft keylogger, actually microsoft will hand over your contents from their keylogger.

      • mctoasterson@reddthat.com
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Not OP but the scenario described is say… A company and a specific manager gets sued for harassment. The plaintiff can be entitled to discovery related to the complaint, and that could now include the searchable screenshot database from the managers computer showing all the clear evidence that he harassed the plaintiff. Nightmare scenario for legal departments of companies.

        • Flying Squid@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          On the other hand, this makes it much easier for a corporation to spy on its employees, so I think at least some of them are in favor of this.

          • exanime@lemmy.today
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            Hmmmm it depends… Are they going to make more money by spying on employees than they’ll lose in lawsuits?

            I think COVID WFH policies proved the majority of us do not need someone breathing down our necks to perform

          • Melt@lemm.ee
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            If employees are using the corporate’s computers, they can already see everything the employees do, they don’t need this new window feature to do it

            • Flying Squid@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              5 months ago

              That is by no means necessarily the case. For example, if a notebook is taken into the field and is not on the LAN.

              • ITGuyLevi@programming.dev
                link
                fedilink
                English
                arrow-up
                0
                ·
                5 months ago

                A lot of companies are implementing better VPN tech (like SD-WAN, Nebula by Slack, etc), or at the least Microsoft Intune to ensure your corporate laptop is reachable anytime it’s connected to the internet.

              • Miaou@jlai.lu
                link
                fedilink
                English
                arrow-up
                0
                ·
                edit-2
                5 months ago

                Windows has some kind of built-in VPN feature that auto starts and will otherwise not give you any network access. Add on top of that some corporate firewall and you basically can’t sneeze around your laptop without IT knowing.

              • scops@reddthat.com
                link
                fedilink
                English
                arrow-up
                0
                ·
                5 months ago

                My work laptop is a brick until it establishes a VPN tunnel back to the home network. There are ways to ensure the device only works how the company wants it to.

    • mctoasterson@reddthat.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      No major corp I’m aware of is excited about these changes. Legal especially would like there to be the minimum records retention required by law, and a months long AI searchable database of individual user actions on a PC is a nightmare scenario for them.

      • bob_lemon@feddit.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        If the IT departments of any major corp allows anyone within their network to enable this feature, they and everyone the work for need a permanent waning label for idiocy and utter incompetence attached to their resume.

        • Ozymati@lemmy.nz
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          I don’t know, if I was IT decision-making and I worked for a company I didn’t particularly like I might install this for the executive stratosphere and hope for subpoenas.

        • Miaou@jlai.lu
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          Can I forward your comment to my IT team? Because they’ve done worse than that already :(

      • hemko@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        “By default” meaning it can be changed.

        Then someone in the company gets their device compromised, and security starts looking what happened on the device that time. “We’d have that data, but it was deleted yesterday because of the retention policy on recall” -answer from that new guy in IT dept. Security then reminds that the company policy requires minimum 30 days retention for all logging of security events.

      • deltapi@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Forensic data recovery. How many 500GB drives ship to PCs that never use more than 20% of that?

      • Noble Shift@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Well driven by my 30 years in the industry, 25 of which I’ve been using Windows/MS software, I’m going to take that with some salt. If my laptop can’t avoid having an existential crisis when my default browser is not Edge I’m going to throw shade and cast doubt about a feature no one is asking for being foisted upon us that can have what appears to be very serious repercussions.